On Feb 7, 2014, at 8:46 PM, Peter Lepeska <bizzbyster@gmail.com<mailto:bizzbyster@gmail.com>> wrote:
Do we really think it's realistic that all of this content could be served by a single, or a small number of reverse proxy / CDNs?
I don't think it is realistic, especially for the really small content providers (if it is correct to define them so) as the bloggers
or the people that at moment they have their own personal web site …
as we are implying that not only they should switch to support TLS (that can be a good thing for them, and for the Internet in general)
but we would also force them to partner with a CND operators
Do we even want a single or a small number of CDN operators to have the private keys for all content on the Internet?
That level of centralization might be seen as a step backwards in security terms.
Hope this isn't too much of a digression -- my main point is just that CDNs are an inadequate replacement technology for forward proxies in many cases.
I tend to agree that CDN is not a panacea,
CDN can be improve the situation in some case, but we have to be realistic here
and admit that it can be used as forward proxies replacement only in a really small part of
all the use cases where the forwarded proxy are used nowadays
/Salvatore